Chinese hackers and Bitcoin ransomware

Comment: Although the attacks on US companies have temporarily stopped, there is still no reason to believe that the Bitcoin malware threat is over. Internet criminals use malware to attack individuals and companies in an attempt to control user computer access for ransom. It is said that the recent wave of ransomware attacks on US companies was carried out by Chinese hackers. Although US and Chinese corporate espionage and hacking are nothing new, the scale of this attack is unprecedented. Of course, this does not mean that Bitcoin ransomware will suddenly disappear, because Internet criminals still prefer this model of making money quickly.

Chinese hackers team up to deploy ransomware

Ransomware is rampant in the global market and can no longer be ignored. At the same time, government-sponsored hacker groups are not shy about it. Recent security reports from four companies all stated that Chinese hackers use Bitcoin ransomware to specifically attack American companies.

Most people have seen the dangers of ransomware because they have had their computers shut down. Restoring files from backups may not work because many Bitcoin ransomware strains delete shadow copies. And it’s not just your average basement nerd that’s attacking American businesses.

Instead, there have been multiple reports of attacks at a higher level, often with state sponsorship, that use remote control software and spread various malware across the Internet.

Although the inherent security vulnerabilities of application servers make them a prime target for hackers, it is not so easy to trick network computers into installing Bitcoin ransomware. An unnamed company said that one-third of its computers were attacked by ransomware.

Assuming the report is true, why did Chinese hackers choose Bitcoin ransomware for their attacks? One theory is that Chinese government-sponsored hackers see ransomware as a way to increase their income, as support for economic espionage has declined, reducing the need for industry personnel.

Another worrying possibility is that internet criminals may have gained access to attack toolkits from state-sponsored hackers, which could include new bitcoin ransomware and tools used to gain access to the internet and corporate infrastructure.

The Bitcoin ransomware threat is far from over

Although the current attack on US companies has paused, it does not mean the threat of Bitcoin malware has ended. Hackers gain access to computers and hold users ransomed.

As encryption technology continues to improve, it will be difficult for end users to regain access to files without paying the ransom. The amount demanded by hackers is not high, so paying the ransom is a better option. Following phishing software and online payment traps, ransomware will become the mainstream of cybercrime.